
To unlock the CIS hardening components, subscribe to the CIS Amazon Linux 2 Level 1 AMI in the AWS Marketplace. Subscribe to the CIS AMI in the AWS Marketplace. Create an image from your image pipeline. Create a pipeline from the image recipe. Add a CIS hardening component to an image recipe.

Subscribe to the CIS AMI in AWS Marketplace. To create a CIS hardened image pipeline, we will perform the following steps: We will build a recipe to demonstrate the use of a CIS hardening component and then create a pipeline from it. Let's create an Image Builder pipeline to include a CIS hardening component on a CIS base image using the Image Builder console. This launch provides a streamlined approach to image hardening by eliminating the need to design, build, and test hardening components.

Figure 1: Workflow to create and distribute the customized hardened images

During the Secure image step, users can now use managed CIS components to build CIS hardened images.

Getting Started

Your subscribed AWS Marketplace AMIs will be available in the subscriptions section of the EC2 Image Builder Console under AWS Marketplace – Image Products. This gives you the ability to customize the baseline CIS image while still being able to meet the CIS standards baseline.
In addition to the above, users can further deploy CIS Benchmark Level 1 hardening components for Amazon Linux 2, Red Hat Enterprise Linux (RHEL) 7, Windows Server 2019 and Windows Server 2022 via EC2 Image Builder. This makes it easier for you to seamlessly track and integrate your AWS Marketplace AMI subscriptions in your image customization workflows. Now, customers can search AWS Marketplace AMIs (including CIS hardened image offerings from AWS Marketplace) in EC2 Image Builder Console and use those AMIs as base images in their image build workflows.

Introducing CIS Hardening in EC2 Image Builder

Customers can use EC2 Image Builder to create custom Amazon Machine Images (AMIs) that are hardened using Center for Internet Security (CIS) Benchmarks.

EC2 Image Builder, launched in 2019, is a service that simplifies the building, testing, and deployment of Virtual Machine and container images for use on AWS or on-premises. Now customers can search AWS Marketplace Amazon Machine Images (AMIs) directly in the EC2 Image Builder Console and use those AMIs as base images in their image build workflows. This also required a high level of effort to accurately identify and implement the required hardening steps outlined in the CIS Benchmark guide. This required subscriptions to the CIS Benchmark toolset.

They also had to write their own custom components to harden the operating systems to meet Center for Internet Security (CIS) Benchmark guidelines. Until recently, customers had to navigate to the AWS Marketplace Console and search for a compatible Amazon Machine Image (AMI) product for their image pipeline.
